%%-*- mode: erlang -*-
%% emq_auth_pgsl config mapping

{mapping, "auth.pgsql.server", "emq_auth_pgsql.server", [
  {default, {"127.0.0.1", 5432}},
  {datatype, [integer, ip, string]}
]}.

{mapping, "auth.pgsql.pool", "emq_auth_pgsql.server", [
  {default, 8},
  {datatype, integer}
]}.

{mapping, "auth.pgsql.database", "emq_auth_pgsql.server", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.username", "emq_auth_pgsql.server", [
  {default, ""},
  {datatype, string}
]}.

{mapping, "auth.pgsql.password", "emq_auth_pgsql.server", [
  {default, ""},
  {datatype, string}
]}.

{mapping, "auth.pgsql.encoding", "emq_auth_pgsql.server", [
  {default, utf8},
  {datatype, atom}
]}.

{mapping, "auth.pgsql.ssl", "emq_auth_pgsql.server", [
  {default, false},
  {datatype, {enum, [true, false]}}
]}.

{mapping, "auth.pgsql.ssl_opts.keyfile", "emq_auth_pgsql.server", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.ssl_opts.certfile", "emq_auth_pgsql.server", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.ssl_opts.cacertfile", "emq_auth_pgsql.server", [
  {datatype, string}
]}.

{translation, "emq_auth_pgsql.server", fun(Conf) ->
  {PgHost, PgPort} =
  case cuttlefish:conf_get("auth.pgsql.server", Conf) of
    {Ip, Port} -> {Ip, Port};
    S          -> case string:tokens(S, ":") of
                    [Domain]       -> {Domain, 5432};
                    [Domain, Port] -> {Domain, list_to_integer(Port)}
                  end
    end,
  Pool = cuttlefish:conf_get("auth.pgsql.pool", Conf),
  Username = cuttlefish:conf_get("auth.pgsql.username", Conf),
  Passwd = cuttlefish:conf_get("auth.pgsql.password", Conf, ""),
  DB = cuttlefish:conf_get("auth.pgsql.database", Conf),
  Encoding = cuttlefish:conf_get("auth.pgsql.encoding", Conf),
  Ssl = cuttlefish:conf_get("auth.pgsql.ssl", Conf),

  Filter  = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
  SslOpts = fun(Prefix) ->
                Filter([{keyfile,    cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
                        {certfile,   cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
                        {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)}])
            end,
  [{pool_size, Pool},
   {auto_reconnect, 1},
   {host, PgHost},
   {port, PgPort},
   {username, Username},
   {password, Passwd},
   {database, DB},
   {encoding, Encoding},
   {ssl, Ssl},
   {ssl_opts, SslOpts("auth.pgsql.ssl_opts")}]
end}.

{mapping, "auth.pgsql.auth_query", "emq_auth_pgsql.auth_query", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.password_hash", "emq_auth_pgsql.password_hash", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.pbkdf2_macfun", "emq_auth_pgsql.pbkdf2_macfun", [
  {datatype, atom}
]}.

{mapping, "auth.pgsql.pbkdf2_iterations", "emq_auth_pgsql.pbkdf2_iterations", [
  {datatype, integer}
]}.

{mapping, "auth.pgsql.pbkdf2_dklen", "emq_auth_pgsql.pbkdf2_dklen", [
  {datatype, integer}
]}.

{mapping, "auth.pgsql.super_query", "emq_auth_pgsql.super_query", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.acl_query", "emq_auth_pgsql.acl_query", [
  {datatype, string}
]}.

{mapping, "auth.pgsql.acl_nomatch", "emq_auth_pgsql.acl_nomatch", [
  {default, deny},
  {datatype, {enum, [deny, allow]}}
]}.

{translation, "emq_auth_pgsql.password_hash", fun(Conf) ->
  HashValue = cuttlefish:conf_get("auth.pgsql.password_hash", Conf),
  case string:tokens(HashValue, " ") of
    [Hash]           -> list_to_atom(Hash);
    [Prefix, Suffix] -> {list_to_atom(Prefix), list_to_atom(Suffix)};
    [Hash, MacFun, Iterations, Dklen] -> {list_to_atom(Hash), list_to_atom(MacFun), list_to_integer(Iterations), list_to_integer(Dklen)};
    _                -> plain
  end
end}.
